ARE THE LAWS OUTDATED IN INDIA REGARDING CYBER CRIMES?
The Authors of this blog are Ms. Muskan Pipania & Mr. Prakhyat Gargasya, students of 5th year, BA LLB(H) at Dr. Ram Manohar Lohiya National Law University, Lucknow
and its types
As the nation has encountered technological innovation
over the last two decades, the use and misuse of the Internet also spread
across the nation.
With India becoming the second largest online market
with over 560 Million internet users, ranked after China,
new criminal opportunities also emerged. The most common crimes include Email
and internet fraud, identity theft, traffic in child pornography and
intellectual property, cyber extortion, crypto-jacking etc. Such criminal
activities either targets or uses a computer, a computer network or a networked
device, and commonly known as Cybercrimes or Computer Crimes.
Cybercrimes can be classified into numerous forms, some
of which are:
A crime involving an assault or attack or threat combined with a demand for
money. One type of cyber-extortion is the ransomware assault, in which the
assailant accesses an organization's systems and encodes/encrypts its documents
and files making the data inaccessible or unavailable until a ransom is paid, mostly
in form of crypto currency, for example bit coin.
An attack that uses scripts to mine digital currencies i.e. crypto currencies
within browsers without the user's assent. Crypto jacking involves loading
crypto currency mining software to the victim's system. Nonetheless, numerous
browser has a tab or window open on the malicious or pernicious site; no
malware is needed to be installed because loading the affected page executes
the in-browser mining code.
Such a crime involves a cybercriminal who hacks into systems to gain access to
confidential information held by a government or other organization.
Cyberespionage activities can include every type of cyber attack to accumulate,
change or obliterate data, as well as using network-associated devices, such as
webcams or closed-circuit TV (CCTV) cameras, to keep an eye on a targeted
individual or groups and monitoring or checking communications, including
emails, text messages and instant messages.
Exit Scam- The
dark web has given rise to the digital version of an old crime known as the
exit scam. Presently, dark web administrators divert virtual currency held in
marketplace escrow accounts to their own accounts, basically, criminals
stealing from other criminals.
Laws v Cyber Crimes
The term ‘Cybercrime’ is not per se defined anywhere
in India, neither in Information Technology Act, 2000 nor in the IT Amendment
Act, 2008, nor in any other legislation. However, most of such crimes are
listed under the IT Act, 2008
The Information Technology Act was enacted by the
Indian Parliament on 17th October, 2000 and is the primary law in India dealing
with offences related cybercrime and electronic commerce. Basically, the act is
based the United Nations Model Law on Electronic Commerce 1996 (UNCITRAL Model)
recommended by the General Assembly of United Nations.
Despite rapid changes in technology, IT Act has hardly
changed over the last decade. However,
offences like hacking, data theft, virus attack, forging a credit or debit card
or fraudulent intent to cause wrongful loss or gain could be prosecuted under
the provisions of Indian Penal Code, 1860.
Regarding the need of change in the IT Act, cyber
expert Anil Raj of Cyber vault Security Solutions Pvt. Ltd said, “It has been
observed that the pace of cybercrime has definitely increased”, furthermore, he
added that “We have Artificial Intelligence, Cloud Computing, Internet of
Things coming into the image. The cyber network has expanded, hence, the chance
of vulnerability to be exploited by fraudsters also increased and so the act ought
to have more changes so that there are No legal loopholes.”
According to the data shared by CERT-IN, an
organization of Ministry of Electronics and Information Technology, Government
of India showed that total cyber security incidents handled by them increased
from 2,565 in 2008 to 53,117 in 2017 and finally 3,94,499 in 2019; in which
incidents related Unauthorized Network Scanning/Probing increased from 9,383 in
2017 to 3,05,276 in 2019.
It has been seen that if provisions under Indian Legislations
regarding cybercrime are compared with any other country, one would come to the
conclusion that India does not have strict laws for cybercrime. For instance,
In India, punishment for Child Pornography under Protection of Children from
Sexual Offences (POCSO) Act, 2012 is term not exceeding five years, whereas, in
USA, the minimum statutory punishment (for the same offence) is imprisonment
for fifteen to thirty years.
While a total sum of 21,796 crimes were recorded under
both Indian Penal Code, 1860 and Information Technology Act, 2000 in 2017, the
number has increased to 27,248 in the year of 2018; Harold D’Costa, a cyber
expert stressed on the need to have special courts or Tribunals and a need for
making such offences Non-Bailable with higher penalties.
The primary reason which was observed behind fewer
convictions of crimes is the lack of Standard operating procedures for Search,
Seizure and forensic examination of digital evidence.
Moreover, being non-local in character i.e. such
computer crimes can occur in jurisdictions separated by vast distances. This
poses severe problems for law enforcement. Many a times, thought, the
investigating agencies do all the right things and follow all the standard
procedures, these cases are difficult to crack. For example, crimes which extends
beyond the boundaries of a country - obtaining court orders in different
jurisdictions and following every legal assistance treaty signed by India with
other countries, in most of the cases leads to cases remaining stagnant for
years on end.
Can You Do To Protect Yourself?
It is always
suggested to keep your software and operating system up-to date. This ensures
that you latest security patches to protect your computer.
or a comprehensive internet security solution. This helps to protect your
computer and data from crimes as it scans, detects and removes threats before
they become a problem.
passwords or passcodes.
Never open an
attachment in spam emails or on untrusted websites. It is a classic way in
which computers get infected by malware attacks and other forms of cybercrimes.
Never give out
personal information unless it is in secure network.
mindful of which website URLs you visit.
7. Whenever possible, use two-factor authentication.
Information technology has spread through the world.
Computer is utilized in every sector wherein cyberspace or the internet gives
equal opportunities to all, for economic growth and human development. As the
use of internet grows the range of online interaction also expands, there is
expansion and development in the cyber crimes i.e. breach of online contracts,
execution of online torts etc. In the modern and advanced cyber technology
world, it is particularly important to adopt a stricter law by the cyber space
authority in order to regulate criminal activities and to provide better
administration of justice to the victim of such crimes. Although, enactment of
Information Technology Act, 2000 and Information Technology Amendment Act, 2008
is a milestone in the technological development and growth of the country;
however, the current and existing laws is not sufficed. Numerous issues in
cyber crimes are still left uncovered.
Sandhya Keelery, “Internet
Usage in India- Statistics & facts”, Statista, Jul 7, 2020.
Sunil Pradhan, “IT Act
outdated, needs changes due to new tech”, Sakal Times, Jan. 2, 2019.
Emergency Response Team, Ministry of Electronic & Information Technology,
Government of India, available at:https://www.cert-in.org.in/ (Visited on Aug 31,